From 32e09b9cc27a4627842d4f4b3361726395756981 Mon Sep 17 00:00:00 2001 From: Bertrand Lanson Date: Sun, 15 Sep 2024 22:42:29 +0200 Subject: [PATCH] ci: test reusable workflows --- .gitea/workflows/e2e-tests-vault.yml | 20 +++++++++ .gitea/workflows/e2e-tests.yml | 65 ++++++++++++++++++++++++++++ 2 files changed, 85 insertions(+) create mode 100644 .gitea/workflows/e2e-tests-vault.yml create mode 100644 .gitea/workflows/e2e-tests.yml diff --git a/.gitea/workflows/e2e-tests-vault.yml b/.gitea/workflows/e2e-tests-vault.yml new file mode 100644 index 0000000..af817a2 --- /dev/null +++ b/.gitea/workflows/e2e-tests-vault.yml @@ -0,0 +1,20 @@ +--- +name: test +on: + pull_request: + types: + - opened + - edited + - synchronize + branches: + - main + # paths: + # - roles/vault/** + +jobs: + end_to_end_vault: + uses: ./.github/workflows/e2e-tests.yml + with: + role: vault + scenarios: "['vault_default', 'vault_with_raft_enabled']" + test_os: "['debian11', 'debian12', 'ubuntu2004', 'ubuntu2204', 'ubuntu2404']" diff --git a/.gitea/workflows/e2e-tests.yml b/.gitea/workflows/e2e-tests.yml new file mode 100644 index 0000000..bfd3dcb --- /dev/null +++ b/.gitea/workflows/e2e-tests.yml @@ -0,0 +1,65 @@ +--- +name: End-to-end tests + +on: + workflow_call: + inputs: + role: + required: true + type: string + description: "Which role should be tested" + scenarios: + required: true + type: string + description: "Which scenarios should be run (stringified list)" + test_os: + required: true + type: string + description: "On which OS to run the tests (stringified list)" + +jobs: + retrieve-credentials: + name: Retrieve Credentials + runs-on: ubuntu-latest + outputs: + registry-username: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_USERNAME }} + registry-token: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_TOKEN }} + steps: + - name: Get secrets from vault + id: import-secrets + uses: hashicorp/vault-action@v3 + with: + url: "https://vault.ednz.fr" + method: approle + roleId: ${{ secrets.VAULT_APPROLE_ID }} + secretId: ${{ secrets.VAULT_APPROLE_SECRET_ID }} + secrets: | + kv/data/applications/gitea/users/actions username | GITEA_ACTIONS_USERNAME ; + kv/data/applications/gitea/users/actions token_write | GITEA_ACTIONS_TOKEN ; + + molecule-test: + name: Molecule tests + runs-on: ubuntu-latest + container: + image: git.ednz.fr/container-factory/ansible-runner:act-latest + credentials: + username: ${{needs.retrieve-credentials.outputs.registry-username}} + password: ${{needs.retrieve-credentials.outputs.registry-token}} + strategy: + matrix: + test_os: ${{ fromJSON(inputs.test_os) }} + scenario: ${{ fromJSON(inputs.scenarios) }} + env: + ANSIBLE_HOST_KEY_CHECKING: "false" + ANSIBLE_FORCE_COLOR: "true" + ANSIBLE_PYTHON_INTERPRETER: /usr/bin/python3 + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: "Molecule test" + run: molecule test -s ${{ matrix.scenario }} + shell: bash + working-directory: ${{ gitea.workspace }}/roles/${{ inputs.role }} + env: + MOLECULE_TEST_OS: ${{ matrix.test_os }}